UDID usage in pre-iOS6 apps (and IDFA for 6.0+)
The new IDFA iOS6 features work great for tracking conversions for users running iOS6. However, if the app has a minimum supported version lower than iOS 6, what is the acceptable approach when running on a pre-iOS6 device?
Jumptap mentions that you are still allowed to use UDIDs on pre-iOS6 devices:
The Advertising ID (IDFA) was introduced in iOS 6. It has been used by advertisers for conversion tracking and advanced targeting, among other things. On devices using iOS 6 (or higher), IDFA is intended to replace the UDID as the device identifier. On devices using iOS 5 (or lower), Apple will continue to support the use of UDIDs as device identifiers.
This is not good with me. IOS version checking is a runtime, meaning your code always statically references the legacy UDID accessory, and only at runtime decides whether to read or not. Of course, Apple's verification process will see a static UDID link and reject the app. They are not going to decompile the code and validate your logic, or try to do a 100% code coverage test to confirm that it is never readable when running on iOS6. Are they?!?!
Additionally, AppsFlyer mentions that UDIDs can be included in their SDK , with this note:
* UDID details. Some ad networks (like Tapjoy) require UDIDs to run CPI campaigns. In the above case, you need to enable the UDID and update your Terms of Service with a clear privacy statement notifying your users of the collection of their personal information.
It seems that the UDID is still allowed to read as long as you tell the user. However, I cannot find any mention of this in the official Apple documentation.
source to share
Most likely they are not, but they should. But look, Apple's goal is not to please the developer; their goal is to please themselves (that is, to make a lot of money).
If you are afraid that this incident will eventually happen to you (which is a perfectly reasonable fear), you can try to obfuscate the call to this particular message (and only call it on iOS 5 and older so as not to violate the TOS). Example:
NSString *str1 = @"ueId";
NSString *str2 = @"uniq";
NSString *sel = [NSString stringWithFormat:@"%@%@ent%cfi%s", str2, str1, 'i', "er"];
SEL msg = NSSelectorFromString(sel);
if (iOS_5_or_older) {
deviceID = [[UIDevice currentDevice] performSelector:msg];
}
This is a rather weak "obfuscation", but it can be enough to get past the static analytic part of the story if Apple really gets lazy and / or decides to do b * dger you.